DETAILED ACTION 
Claim Objections 

Claim 31 is objected to because of the following informalities: Claim 31 should 
refer back to claim 30, not to itself (31). The Examiner will examine these 
claims as if they are dependent on claim 30. Appropriate correction is required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out 
and distinctly claiming the subject matter, which the applicant regards as his 
invention. 

Claims 6, 19, 22, and 25 are rejected under 35 U.S.C. 112, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

Claim 6 recites the limitation "the electrical signal is an address", which does not 
further limit Claim 4. There is insufficient antecedent basis for this limitation in the 
claim. 

Claim 22 recites the limitations "the image" and "the flash", which do not appear 
anywhere in the Claim 22 section. There is insufficient antecedent basis for these 
limitations in the claim. 

Claim 25 recites the limitations "the first and second embedded devices" and "the 
awareness of the host platform", which appear in the Claims 2-24 section. There is 
insufficient antecedent basis for these limitations in the claims. 
Claim 19 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. Claim 19 has a method step (device does not authenticate the 
apparatus) in an apparatus claim. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 29-38 are rejected under 35 U.S.C. 101 because Claims 29-38 are directed to 
"computer program products" stored in a "computer readable medium". Generally, 
functional descriptive material, such as a computer program, is statutory when it is 
stored on a tangible computer readable medium. See MPEP § 2106 IV. B.I (a). 
However, in the present application, the specification defines "computer readable 
medium" to include, for example, paper or various transmission media [0037]. A 
computer program listing on a sheet of paper is not considered to provide functionality, 
and is therefore considered to be merely a computer program per se, which is 
non-statutory subject matter. Further, "transmission media" such as "communications links" 
as broadly defined may include non-tangible media such as signals, which are also 
considered non-statutory. When a claim encompasses both statutory and non-statutory 
subject matter, the claim as a whole is directed to non-statutory subject matter. 
Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-38 are rejected under 35 U.S.C. 102(b) as being anticipated by Baldwin 
et al. (US 2004/0039924 A1). 

Claim 1 

Baldwin discloses a method comprising: provisioning a symmetric cryptographic key 
across multiple clients through multiple embedded agents (see at least, [0208]: "the 
clients (multiple clients) identify themselves using..."), each client having one of the 
embedded agents, one embedded agent in each client having an embedded agent to 
store the symmetric cryptographic key in a storage accessible to the embedded agent 
and not directly accessible to a host processor on the client (see at least, Figure 1, 
[0067]: "the cryptographic engine performs cryptographic operations in a restricted 
mode that is only accessible during normal operation by transferring control from a 
normal mode of the processor to a restricted mode of the processor via CryptoGate... 
symmetric key(s) and of performing symmetric cryptographic and public key 
cryptography and of pseudo random number generation, and optionally of private key 
cryptography..."); and providing access to an encrypted traffic flow in a network to a 
client if the client is authenticated with the key (see at least Figure 4, [0695-0700]: 
"multi-factor client authentication application for accessing a virtual private network... 
software component running on a Device Authority server connected to the internet and 
with access to a database of KID/DMK pairs..."). 

Claim 2 

Baldwin discloses a method according to claim 1, wherein provisioning the key through 
the embedded agents further comprises provisioning the key through an embedded 
agent having network access via a network link not visible to a host operating system 
(OS) running on the client (see at least, Figure, Figure 4, [0694-0700]: "VPN"; [0067]: 
"the cryptographic engine performs cryptographic operations in a restricted mode that is 
only accessible during normal operation by transferring control from a normal mode of 
the processor to a restricted mode of the processor via CryptoGate... symmetric key(s) 
and of performing symmetric cryptographic and public key cryptography and of pseudo 
random number generation, and optionally of private key cryptography..."). 

Claim 3 

Baldwin discloses a method according to claim 2, wherein providing access to the traffic 
flow if the client is authenticated comprises the embedded agent authenticating the 
client over the network line not visible to the host OS (see at least, Figure 1, Figure 4, 
[0694-0700]: "VPN: client over the network not visible to the host OS"; [0039]: "...if the 
unsealed AppContainer has acceptable values then the specific application on a 
specific device is considered to be authenticated..."; [0199]: "PubKContainer is a digital 
envelope that is sealed by the client with an RSA public key..."). 

Claim 4 

Baldwin discloses a method according to claim 1, wherein providing access to the traffic 
flow further comprises providing multiple clients access with the key to nodes in the 
network, the nodes in the network to decrypt the traffic flow and subsequently encrypt 
the traffic flow to transmit the traffic to a next node in the network (see at least, Figure 4, 
[0704-0716]: "The VPN typically includes a number of machines that cooperate between 
them to grant access and block untrusted traffic..." "Process name Description MFCA 
Subscription Process that generates licensing information for a SAM... The ultimate 
purpose of this registration is to provide SAM with the appropriate App Key to seal and 
unseal App Containers that will be exchange with the client device... the VPN client, 
SAM server, and the ARM server have to be configured to be able to hand out the 
appropriate App Keys successfully.."). 

Claim 5 

Baldwin discloses a method according to claim 1, further comprising updating at a client 
the symmetric cryptographic key provisioned across the multiple clients through a public 
and private key exchange with a public and private key associated with the client (see at 
least, [0075]: "perform these functions, the authentication server seals and unseals 
containers that are exchanged with a cryptographically-enabled client device, using 
the assistance of one or more Device Authority servers as needed. The authentication 
server maintains a table of Key ID (KID) values..."; [0176]: "an acknowledgment servlet 
waits for a client response and then updates the database table for permanent DMK..."; 
[0747]: "PubK Container using the private bit of the communication key and updates its 
internal tables with the new device ADID... if everything is all right, the application 
registration module has the Key ID of the client device, so it finds the DMK, and 
computes the App Key for the given ACD..."). 

Claim 6 

Baldwin discloses a method according to claim 1, wherein providing access if the client 
is authenticated further comprises: the embedded agent verifying that a platform 
associated with the client is not compromised; and the embedded agent providing the 
key and an assertion that the client is not compromised to a verification entity on the 
network (see at least, [0015]: "The present invention provides a small security kernel, 
that facilitates the process of analyzing and establishing trust in the implementation of 
the kernel, while at the same time removing the limitations of the aforementioned 
add-on hardware solutions. Ideally, the security kernel operates in a separate domain from 
both the application programs (applications) and the operating system (OS) running on 
the host machine, and yet with access to the memory of the OS and applications. The 
present invention provides such a security architecture by creating a small inner 
security kernel within the boundaries of a traditional existing operating system, and that 
can verify the integrity of and perform secure operations on behalf of the OS and 
applications. [0016] Another important aspect of this invention is that it enables the 
security kernel to be tied into an infrastructure that can establish trust via between two 
devices (e.g., client device and DSS), in some embodiments via a shared symmetric 
key. [0017] Key aspects of the present invention comprise [0018] (1) Open-at-reset 
lockable (OAR-locked) non-volatile memory (NVM) that contains a secret master key, 
called the Device Master Key or DMK, which is unique to the device. The DMK is 
moved into SMRAM, a specially controlled region of memory that is only accessible in 
a System Management Mode (SMM) at startup, and whereafter OAR-locked 
non-volatile memory is disabled, [0019] (2) containers to bind the DMK to specific 
applications, and that solves privacy/user controllability problems, and [0020] (3) spot 
checking of the integrity of a calling application "on-the-fly". [0021] The invention also 
provides Application Keys that are bound to the device and to Applications, and, 
optionally, to Customer-Secrets provided by the Applications. A given application can 
have several different keys corresponding to different values of the Customer-Secret. 
[0230] The CustomerSecret part allows a company to discard compromised 
application Containers without having to get a new build for the application 
that would produce a different Application Code Digest. Also, this CustomerSecret 
allows a given instance of an application (e.g. secure logon application) on a device to 
securely share data with more than one server. Each server would setup a unique 
CustomerSecret with that same application on the same device. Thus, the sealed 
AppContainers could only be decrypted if the correct CustomerSecret is provided.") 
Claim 7 

Baldwin discloses a method according to claim 6, further comprising the embedded 
agent indicating to a remote network device if the client is compromised (see at least, 
Figure 4, [0652]: "Presented below is a description of the application registration module 
(ARM) component in the MFCA VPN product. The application registration module 
assists a Strong Authentication Module (SAM) in providing access to the secure App 
Containers that are exchanged between the client devices and 
cryptographically-enabled servers."). 

Claim 8 

Baldwin discloses a method according to claim 6, further comprising the embedded 
agent foreclosing network access to the client if the client is compromised (see at least, 
Figure 1, Figure 4, [0029]: "Another exemplary system for hiding a master 
cryptographic key in storage comprises power-on software that reads a master key 
from non-volatile storage, closes access to the non-volatile storage such that access 
does not become available again until the next system reset, and writes sensitive data 
derived from the master key to a hidden address space, and wherein only a 
program that runs in a restricted operational mode of the system has access to 
the sensitive data in the hidden address space." [0090] The protected non-volatile 
memory 11 is used to store the secret device master key. The BIOS system 
initialization module 12 is responsible for securely transferring the secret DMK from 
non-volatile memory 11 into SMRAM 13, a protected memory region that is only 
addressable from SMM 16. After the DMK is transferred into SMRAM 13, the system 
initialization module 12 closes the OAR-lock latch 14 to render the non-volatile memory 
11 inaccessible to programs 15 running in the system until the next system reset. The 
DMK is only available in hidden SMRAM 16 during normal operation of the system. "). 
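As an added illustration (not code from this office action or from Baldwin), the following constructed Python model reflects the architecture quoted for claims 6 and 8: a DMK held in OAR-lockable NVM, copied into SMRAM at startup with the latch then closed until reset, Application Keys derived from the DMK per application code digest and CustomerSecret, and sealed AppContainers that unseal only under the matching secret. The Device class, the HMAC-SHA256 key derivation and the encrypt-then-MAC container format are assumptions made for this example.

```python
import hashlib
import hmac
import os

# Constructed model of the key hierarchy quoted from Baldwin: DMK in OAR-lockable
# NVM, copied at startup into SMRAM (restricted mode only), NVM latched shut until
# the next reset, Application Keys derived from the DMK. Hypothetical code.
class Device:
    def __init__(self, dmk: bytes):
        self._nvm = dmk        # OAR-lockable non-volatile memory holding the DMK
        self._smram = None     # readable only by restricted-mode code
        self._latched = False  # OAR-lock latch state

    def power_on_init(self) -> None:
        """BIOS init: move the DMK into SMRAM, then close the OAR-lock latch."""
        self._smram = self._nvm
        self._latched = True

    def nvm_readable(self) -> bool:
        """Normal-mode access to the NVM; False once the latch is closed."""
        return not self._latched

    def app_key(self, app_code_digest: bytes, customer_secret: bytes = b"") -> bytes:
        """Restricted-mode derivation of an Application Key bound to the device, the
        application's code digest and an optional CustomerSecret (assumed KDF: HMAC)."""
        if self._smram is None:
            raise RuntimeError("DMK not loaded into SMRAM")
        msg = b"AppKey|" + app_code_digest + b"|" + customer_secret
        return hmac.new(self._smram, msg, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC counter-mode keystream, an assumed stand-in for a real AEAD cipher."""
    blocks = [hmac.new(key, b"enc|" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def seal(app_key: bytes, payload: bytes) -> bytes:
    """Seal an AppContainer as nonce || ciphertext || HMAC tag (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(payload, _keystream(app_key, nonce, len(payload))))
    tag = hmac.new(app_key, b"mac|" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(app_key: bytes, container: bytes):
    """Return the payload, or None when the tag fails (wrong key or CustomerSecret)."""
    nonce, ct, tag = container[:16], container[16:-32], container[-32:]
    expect = hmac.new(app_key, b"mac|" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(app_key, nonce, len(ct))))

def demo() -> dict:
    """One device, one application, two servers holding different CustomerSecrets."""
    dev = Device(os.urandom(32))                               # constructed DMK
    dev.power_on_init()
    digest = hashlib.sha256(b"secure-logon-app-v1").digest()  # constructed app digest
    k_a, k_b = dev.app_key(digest, b"serverA"), dev.app_key(digest, b"serverB")
    box = seal(k_a, b"session token")
    return {"nvm_locked": not dev.nvm_readable(), "keys_differ": k_a != k_b,
            "unseal_ok": unseal(k_a, box) == b"session token",
            "wrong_secret_fails": unseal(k_b, box) is None}
```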

Claim 9 

Baldwin discloses a method according to claim 1, further comprising the embedded 
agent performing cryptographic functions on data with the key to authenticate data with 
the key (see at least, [0067]: "The cryptographic engine (CryptoEngine) performs 
cryptographic operations in a restricted mode that is only accessible during normal 
operation by transferring control from a normal mode of the processor to a restricted 
mode of the processor via CryptoGate. The restricted mode operations may also 
include operations where sensitive data is available to the processor during secure 
bootstrap and Power-On Self-Test operations. The CryptoEngine is capable of storing 
and recalling high integrity public keys, and of storing at least one long-lived symmetric 
key (the DMK), and of deriving symmetric keys from the long-lived symmetric key(s), 
and of performing symmetric cryptography (both integrity and privacy primitives) and 
public key cryptography, and of pseudo random number generation, and optionally of 
private key cryptography, and optionally of other cryptographic support functions such as 
key generation and importing and exporting keys. Some embodiments of the 
CryptoEngine may use specialized cryptographic hardware, such as smartcards, or a 
TCPA TPM." Abstract: System and method for securing a computing device using a 
master cryptographic key that is bound to the device. The master key is used to derive 
sensitive data that is transferred to storage that is only accessible in a restricted mode 
of operation. The master key is used to derive one or more application keys that are 
used to secure data that is specific to an application/device pair. Non-privileged 
programs can request functions that run in a more restricted mode to use these 
application keys. The restricted mode program checks the integrity of the 
non-privileged calling program to insure that it has the authority and/or integrity to perform 
each requested operation. One or more device authority servers may be used to issue 
and manage both master and application keys."). 

Claim 10 

Baldwin discloses a method according to claim 1, further comprising the embedded 
agent including a derivative of the key in a header of data to be transmitted to 
authenticate the data with the key (see at least, [0198], [0247], [0279]: "AppContainer is 
a protected container that can only be read or written by a specific application program 
running on a specification machine... bound to a given machine by using a derivative of 
the DMK for encryption..." Abstract: The master key is used to derive sensitive data that 
is transferred to storage that is only accessible in a restricted mode of operation. The 
master key is used to derive one or more application keys that are used to secure data 
that is specific to an application/device pair. Non-privileged programs can request 
functions that run in a more restricted mode to use these application keys. The 
restricted mode program checks the integrity of the non-privileged calling program to 
insure that it has the authority and/or integrity to perform each requested operation. 
One or more device authority servers may be used to issue and manage both master 
and application keys."). 

Claims 11-38 

The system, apparatus, article of manufacture and method claims are one and the 
same, and are therefore rejected for the same reasons as the method claims above. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Markham et al. (US 7,231,664 B2) teaches system and method for transmitting 
and receiving secure data in a virtual private group. 

McMillan et al. (US 2004/0039925 A1) teaches key management. 

Hanzlik et al. (US 2004/0044891 A1) teaches system and method for secure 
group communications. 

Fruehauf et al. (US 6,590,981 B2) teaches system and method for secure 
cryptographic communications. 

Srivastava et al. (US 7,013,389 B1) teaches method and apparatus for creating a 
secure communication channel among multiple event secure nodes. 
Asunmaa et al. (US 2003/0172090 A1) teaches virtual identity apparatus and 
method for using same. 

Srivastava et al. (US 7,103,185 B1) teaches method and apparatus for 
distributing and updating private keys of multicast group managers using directory 
replication. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kari L. Schmidt whose telephone number is 
571-270-1385. The examiner can normally be reached on Monday - Friday: 7:30am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 